package com.risenb.controller;

import java.io.IOException;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.apache.ibatis.annotations.Param;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.ModelAndView;

import com.risenb.bean.LoginLog;
import com.risenb.bean.Manager;
import com.risenb.bean.Permission;
import com.risenb.constant.Cache;
import com.risenb.dao.PermissionMapper;
import com.risenb.service.LoginLogService;
import com.risenb.service.ManagerRoleService;
import com.risenb.service.ManagerService;
import com.risenb.service.RoleService;
import com.risenb.util.EncryptUtil;

@Controller
@RequestMapping(value = "/manage")
public class LoginController extends CustomerBaseControllor {

	@Autowired
	ManagerService managerService;
	
	@Autowired
	ManagerRoleService managerRoleService;

	@Autowired
	RoleService roleService;

	@Autowired
	LoginLogService loginLogService;

	@Autowired
	PermissionMapper permissionMapper;

	/**
	 * 跳轉登錄
	 */
	@RequestMapping(value = "login", method = RequestMethod.GET)
	public String tologin() {
		return "manage/login";
	}

	/**
	 * 登出
	 * 
	 * @param session
	 * @return
	 */
	@RequestMapping(value = "logout")
	public String logout(HttpSession session) {
		session.removeAttribute("sessionManager");
		return "manage/login";
	}

	/**
	 * 登錄驗證，獲取用戶信息
	 * 
	 * @param request
	 * @param response
	 * @return
	 * @throws IOException
	 */
	@RequestMapping(value = "/login")
	public ModelAndView login(HttpSession session, @RequestBody @ModelAttribute Manager manager, @Param(value = "checkcode") String checkcode,
			HttpServletRequest request) throws IOException {
		ModelAndView model = new ModelAndView();
		Manager m = managerService.queryManager(manager);
		String code = session.getAttribute("checkcode").toString();
		if (!checkcode.equalsIgnoreCase(code)) {
			model.addObject("error", "验证码不正确");
		} else if (m == null) {
			model.addObject("error", "用户名不存在");
		} else if (!EncryptUtil.check(m.getPassword(), manager.getPassword())) {
			model.addObject("error", "用户名或密码错误！");
		} else if ("1".equalsIgnoreCase(m.getStatus())) {
			model.addObject("error", "用户名被冻结,请联系管理员");
		} else {
			HttpSession httpSession = Cache.loginStatus.get(manager.getUsername());
			if(null != httpSession){
				httpSession.removeAttribute("sessionManager");
			}
			LoginLog ll = new LoginLog();
			ll.setCreatetime(new Date());
			ll.setIp(getIpAddress(request));
			ll.setOperatime(new Date());
			ll.setOperator(m.getId());
			ll.setStatus(0);
			ll.setUserid(m.getId());
			loginLogService.createLoginLog(ll);
			session.setAttribute("sessionManager", m);
			Cache.loginStatus.put(manager.getUsername(), session);
			model.setViewName("redirect:/manage/index.im");
			return model;
		}
		model.setViewName("manage/login");
		return model;
	}

	/**
	 * 用戶登錄成功，獲取權限
	 * 
	 * @param session
	 * @return
	 */
	@RequestMapping(value = "index")
	public ModelAndView index(HttpSession session) {
		ModelAndView view = new ModelAndView("manage/index");
		Manager manager = (Manager) session.getAttribute("sessionManager");
		if (manager == null) {
			view.setViewName("manage/login");
			return view;
		}
		List<Permission> selectByManId = permissionMapper.queryByManId(manager.getId());
		Map<String,String> permissionMap = new HashMap<String,String>();
		for (int i = 0, size = selectByManId.size(); i < size; i++) {
			Permission permission = selectByManId.get(i);
			String url = permission.getUrl();
			if(null != url && !"".equals(url)){
				permissionMap.put(url, url);
			}
		}
		//将权限放入session 
		session.setAttribute("permissionMap", permissionMap);
		view.addObject("loginlogs", loginLogService.queryTen(manager.getId()));
		session.setAttribute("sessionManagerRole", selectByManId);
		// 获取权限
		return view;
	}
}
